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I CLAIM: 

1 . A system for conducting a transaction with privacy on a wide area 
network, said system comprising: 

a personal access device (PAD) associated with a subscriber to said 
system, said PAD storing a profile of the subscriber and generating commands; 

a privacy service provider (PSP) connected to the wide area 
network, said PAD being accessible by said PSP under first conditions set by said 
profile and said PSP being responsive to the commands from said PAD; 

a registered vendor (RV) connected to the wide area network; and 

a privacy shield network (PSN) connected to the wide area network, 
said RV being registered with said PSN and said PSN being structured to carry 
communications between said PSP and said RV related to the transaction under 
second conditions set by said profile. 

2. The system of claim 1, wherein said PAD stores private data 
associated with the subscriber, and wherein said PSP releases any of said private 
data to said RV only under said first and second conditions. 

3. The system of claim 2, wherein said PSP also stores said profile and 
said private data. 

4. The system of claim 1, wherein said PSP controls access by said 
RV to said PAD under said first and second conditions. 
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5. The system of claim 1, wherein said PSP includes a network server. 

6. The system of claim 1, wherein said RV includes a network server. 

7. The system of claim 1, wherein said PSN includes a network 

server. 

8. The system of claim 1, wherein said PSP controls access by said 
RV to said profile under said second conditions. 

9. The system of claim 1, further comprising a second registered 
vendor (RV) connected to the wide area network, said PSP being accessible by 
said second RV under third conditions set by said profile, said second RV being 
accessible by the first mentioned RV under fourth conditions set by said second 
RV and said first RV being accessible by said second RV under fifth conditions set 
by said first RV. 

10. The system of claim 9, wherein said second conditions include 
authorization conditions for authorizing the transaction among said PAD, said first 
RV and said second RV. 

11. The system of claim 10, wherein said authorization conditions 
include a first authorization for authorizing said second RV to complete an 
intermediate transaction with said first RV. 
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12. The system of claim 11, wherein said first authorization is sent from 
said PSP to said second RV over said PSN, said PSN preventing said first RV 
from access to first authorization. 

13. The system of claim 1, wherein said second conditions include 
authorization conditions for authorizing the transaction between said PAD and said 
RV. 

14. The system of claim 13, wherein said authorization conditions 
control whether said first RV is authorized to request a response from said PAD. 

15. The system of claim 1, wherein the wide area network is the 
Internet. 

16. A personal access device (PAD) associated with a subscriber for 
conducting a transaction with privacy on a wide area network, said PAD 
comprising: 

a memory for storing a profile of the subscriber; 

a manually actuable command generator for generating commands; 

a transmitter for transmitting the commands to a privacy service 
provider (PSP) connected to the wide area network; and 

a receiver for receiving authorized requests from the PSP, the PSP 
communicating with said PAD under first conditions set by said profile, each 
authorized request having been received by said PSP over a privacy shield network 
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(PSN) connected to the wide area network from a registered vendor (RV) or 
another privacy service provider, the RV being registered on the PSN and 
communicating with the PSP under second conditions set by said profile. 

17. The PAD of claim 16, wherein the PSP receives first requests over 
the PSN and determines which ones of the first requests are authorized requests 
under said first conditions set by said profile. 

18. The PAD of claim 17, wherein if the PSP determines that one of the 
first requests is not an authorized request, the PSP selectively responds to this first 
request over the PSN under second conditions set by said profile. 

19. The PAD of claim 16, wherein said PAD is in the form of a 
selected one of a key chain fob, a pen, a cellular phone, a personal digital 
assistant, a computer and a card. 

20. The PAD of claim 16, wherein said PAD stores private data 
associated with the subscriber, and wherein the PSP releases any of said private 
data to the RV only under said first and second conditions. 

21. The PAD of claim 20, wherein the PSP also stores said profile and 
said private data. 

22. A privacy service provider (PSP) for facilitating communications 
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between a privacy shield network (PSN) and a personal access device (PAD) 
associated with a subscriber to the PSN, where the PAD stores a profile of the 
subscriber and where said PSP and the PSN are connected to a wide area network, 
said PSP comprising: 

a receiver for receiving commands from the PAD; 

a server for communicating with a registered vendor (RV) over the 
PSN under first conditions set by said profile and in accordance with commands 
received from the PAD, said server also for receiving first requests from the RV 
and for determining which ones of the first requests are authorized requests under 
second conditions set by said profile; and 

a transmitter for transmitting the authorized requests to the PAD. 

23. The PSP of claim 22, wherein said server is for communicating 
with a plurality of RVs over the PSN in the same way as with the first-mentioned 
RV. 

24. The PSP of claim 22, wherein the PAD stores private data 
associated with the subscriber, and wherein said PSP releases any of said private 
data to the RV only under said first and second conditions. 

25. The PSP of claim 24, wherein said PSP also stores said profile and 
said private data. 

26. A privacy shield network (PSN) connected to a wide area network, 
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said PSN controlling communications among a plurality of privacy service 
providers (PSPs) and a plurality of registered vendors (RVs), where each PSP is 
controlled by commands from a respective personal access device (PAD) 
associated with a respective subscriber to said PSN and is further controlled under 
conditions set by a profile associated with the respective subscriber stored in the 
respective PAD, said PSN comprising: 

a first server structure for controlling registration of vendors as 
RVs, where said PSN prevents transfer of communications from unregistered 
vendors to any of the PSPs and RVs; and 

a second server structure for controlling communications using the 
wide area network from any of the PSPs and RVs to any of the PSPs and RVs, 

wherein said second server structure controls any communication 
between a first one of the PSPs and any other one of the PSPs and RVs under 
conditions set by the profile stored in the PAD controlled by the first PSP. 

27. The PSN of claim 26, wherein said second server structure controls 
routing of communications from any of the PSPs and RVs to any of the PSPs and 
RVs over the wide area network. 

28. The PSN of claim 26, wherein each PAD stores private data 
associated with the respective subscriber, and wherein the associated PSP releases 
any of said private data to any of the PSPs and RVs only under said first and 
second conditions. 
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29. The PSN of claim 27, wherein at least one of the PSPs also stores 
said profile and said private data of the respective subscriber. 

30. A method of conducting a transaction with privacy using a privacy 
shield network (PSN) connected to a wide area network, said method comprising 
the steps of: 

storing a profile of a subscriber to the PSN in a personal access 
device (PAD) associated with the subscriber; 

generating commands using the PAD; 

accessing the PAD under first conditions set by the profile using a 
privacy service provider (PSP) connected to the wide area network, the PSP being 
controlled by the commands from the PAD; 

registering a vendor with the PSN as a registered vendor (RV) 
connected to the wide area network; and 

carrying communications between the PSP and the RV related to the 
transaction under second conditions set by the profile using the PSN. 

31. A method of using a personal access device (PAD) associated with a 
subscriber for conducting a transaction with privacy on a wide area network, said 
method comprising the steps of: 

storing a profile of the subscriber in a memory; 

generating commands to a privacy service provider (PSP) connected 
to the wide area network; and 

receiving authorized requests from the PSP, the PSP communicating 
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with the PAD under first conditions set by the profile, each authorized request 
having been received by the PSP under the control of a privacy shield network 
(PSN) connected to the wide area network, the RV being registered with the PSN 
and communicating with the PSP under second conditions set by the profile. 

32. A method of using a privacy shield network (PSN) connected to a 
wide area network to control communications among a plurality of privacy service 
providers (PSPs) and a plurality of registered vendors (RVs), where each PSP is 
controlled by commands from a respective personal access device (PAD) 
associated with a respective subscriber to the PSN and is further controlled under 
conditions set by a profile of the respective subscriber stored in the respective 
PAD, said method comprising the steps of: 

using a first service structure for controlling registration of vendors 
as RVs, where the PSN prevents transfer of communications of unregistered 
vendors to any of the PSPs and RVs; and 

using a second server structure for controlling communications using 
the wide area network from any of the PSPs and RVs to any of the PSPs and RVs, 

wherein the second server structure controls any communication 
between a first one of the PSPs and any other one of the PSPs and RVs under 
conditions set by the profile. 

33. A system for a plurality of individual subscribers to receive and 
transmit communications via the Internet, the system comprising: 

an XML privacy service provider (PSP) linked to the Internet for 
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36. The system of claim 33, wherein each PAD comprises: 
a CPU, an operating system and a memory device; 

a battery; 

a wireless RF communication chip; 

an input/output interface; and 

an encryption key embedded in removable ROM. 

37. A portable battery-powered personal access device (PAD) for use in 
a system for a plurality of individual subscribers to receive and transmit private 
personalized communications via the Internet, the system comprising an XML 
privacy service provider (PSP) linked to the Internet for communication, a 
plurality of private XML subscriber data files accessible to the PSP, each file 
being associated with a respective subscriber, said PAD being for each subscriber 
to access the respective file and communicate with the PSP, and a plurality of 
registered vendors (RVs) linked to the Internet for communication with the 
subscribers under conditions set by the respective files through the PSP, said PAD 
comprising: 

at least one programmable integrated circuit (IC) device that 
includes encrypted identification means; 

non-directional, short-range communication signal generation and 
receiving means; 

a CPU, an operating system and a memory device; and 

an input/output interface. 



38. 

said PAD. 



61 

The PAD of claim 37, wherein said IC device is removable from 



39. The PAD of claim 37, wherein the encrypted identification means is 
a unique digital code embedded in ROM. 

40. The PAD of claim 39, wherein said IC device is preprogrammed to 
disable the identification means in the event that security of the unique digital code 
is breached. 

41. The PAD of claim 37, further comprising a housing, an electronic 
display visible through an aperture in said housing and at least one manual actuator 
for controlling functions of said PAD. 

42. The PAD of claim 41, further comprising a microphone having an 
on/off switch and a voice recognition program that converts voice to digital data 
for storage in said memory device. 



